Compound Alerts

 

A brief video that shows how to use static alerts in coordination with dynamic alerts in the SevOne NMS.

Transcription:

In this video, we're going to cover how to create a compound alert in SevOne. To get to this particular section, in terms of editing a policy, please refer to the Creating a Static Alert video to figure out how to navigate to this particular section. I've already set up which device group this applies to, which operating system, etc. What we're going to do is actually apply a compound alert to interfaces, and a great about the SevOne baseline is that it acts in many ways like an anomaly detector, and this is most powerful when combined with static thresholds to give you a bit of context.

For example, if you normally alert on a group of interfaces when utilization is above 90%, you could take that exact same threshold condition and just lower the bar a little bit, and say, you know what, I want to get an alert when utilization is 80%, but only if for the past 15 minutes the utilization on the interface has been 3 standard deviations above what is normal for this time of the day and this day of the week. Only when those 2 conditions are violated, send me an alert, and that's what we're going to actually go through in this video. This can apply to interfaces, this could apply to CPU, or just about anything that we are measuring and baselining in SevOne.

First steps first, let's get the right indicators near. Let's start with the in octets, and we're going to start with our static threshold to give us context, so 80% for 15 minutes. Hit save. I'm then going to create a baseline alert of 3 standard deviations for 15 minutes. Only when these two together are violated, will it set off the alarm. Now, it probably makes sense to do the same for out octets, so I will do that right now. Finally, just condition this on the baseline. The baseline can be used in a lot of different ways. This is just one of the more common or even more useful ways because it allows you to adapt your existing alerting strategy with a way to detect anomalies.

We're going to want to also set up a clear condition, as is the best practice. We don't really care so much about the baseline when we're clearing it out. We just really care about being outside of that danger zone, as we've defined as 80% utilization, so as long as I am under 80% for 10 minutes on average, I'm happy. I noticed I forgot to change this to percent, easy fix. Before I save this, let's just review.

In the trigger condition section, we're looking at if average HC in octets is greater than 80% over 15 minutes, it's going to trigger an alarm only if at the same time for the past 15 minutes, we have been 3 standard deviations away from what is normal for this time of the day and this day of the week, and it will be the same story for out octets as well. If we look at the clear condition, we just care that we're outside of the danger zone, and we've set up our first compound alert. I think it should be pretty easy to see how this would apply to just about any static threshold strategy you're currently following in your infrastructure.

NMS Guide

In addition to these videos, remember that the SevOne NMS Guide is available on every appliance. Just click the question mark at the top right of any page. This will automatically bring you to the section of the product manual that corresponds to the page you are currently on.

Configuration

Installing Your vPAS using vSphere Client
This video details how to install a vPAS using vSphere Client.
Watch Now
Installing Your vPAS using VMware Player
This video details how to install a vPAS using VMware Player.
Watch Now
Using The SevOne Startup Wizard
This video details how to utilize the startup wizard to facilitate a hands-off setup of your SevOne appliance.
Watch Now
Adding Devices using the Subnet Sweeper
A brief video outlining how to add devices by scanning a subnet.
Watch Now
Using the SevOne Cluster Manager
This video showcases essential features of the Cluster Manager in the SevOne Network Monitoring System.
Watch Now

Initial Setup

Adding A Device To SevOne's NMS
This video details how to manually add and delete a device in the SevOne Network Monitoring System.
Watch Now
Add Devices by CSV Import
This video details how to use the CSV import to add devices into SevOne.
Watch Now
Managing Device Groups In SevOne's Network Monitoring System
This video details the functionality and customization of device groups in the SevOne.
Watch Now
Managing Object Group's In SevOne's Network Monitoring System
This video details how to use the user role manager to control access to SevOne.
Watch Now
Selective Discovery
A short video showing how to use object rules to help streamline the discovery process.
Watch Now

Alerts

Alerts Console
This video details how to utilize the Alerts Console.
Watch Now
Alert Summary
This video details how to utilize the Alert Summary.
Watch Now
Infrastructure Status Maps
This video details how to create Status Maps within SevOne.
Watch Now
Compound Alerts
A brief video that shows how to use static alerts in coordination with dynamic alerts in the SevOne NMS.
Watch Now
Static Alerts
A brief video showing how to create static threshold alerts in the SevOne system.
Watch Now

Dashboards

Dashboard Overview
This video gives an overview to a typical Dashboard.
Watch Now
TopN Dashboards
This video gives an overview to the TopN Report.
Watch Now
Performance Metric Dashboards
This video gives an overview to various Performance Metrics.
Watch Now
Group Metrics Dashboards
This video gives an overview to various Group Metrics.
Watch Now
FlowFalcon Dashboards
This video gives an overview to the Flow Falcon Report Attachment.
Watch Now
Network Alerting Dashboards
This video gives an overview to the Alerts Report Attachment.
Watch Now
Network Status Map Dashboards
This video gives an overview to the Status Maps Report Attachment.
Watch Now
Network Device Dashboards
This video gives an overview to the Devices Report Attachment.
Watch Now
Topology
Overview of the new topology feature provides a visual representation of how your devices interacts with each other
Watch Now

Out of The Box Reports

Creating Reports form Device Summaries
This video details how to create and report from a device summary.
Watch Now
Creating Device Templates
This video details how to create a device template.
Watch Now
Creating TopN Reports
A brief overview of how to create TopN reports and add them to dashboards.
Watch Now
Custom TopN Reports
A short video showing how to create custom TopN reports.
Watch Now

Objects

What is an Object
This video provides an overview of the object manager.
Watch Now
Object Manager
This video details the various functions of the Object Manager in the SevOne Network Monitoring System.
Watch Now
Disable Objects with Object Rules
This video details the various object rules and discusses the best practices for monitoring within the SevOne Network Monitoring System.
Watch Now
Set Max Speed Value for Interface
This video shows how to override the max value for an indicator.
Watch Now

Users

User Roles
This video goes over SevOne's User Role Manager.
Watch Now
Active Directory Authentication
This video goes over Authentication within SevOne.
Watch Now

Pollers

Cisco Call Manager
This video covers the configuration required to parse CDR records and to poll the CUCM API.
Watch Now
DNS
This video details how to utilize the DNS poller in SevOne.
Watch Now
Custom Calculations
This video details how to create custom calculations.
Watch Now
HTTP
This video details how to utilize the HTTP poller in SevOne.
Watch Now
ICMP
This video details how to utilize the ICMP poller in SevOne.
Watch Now
PortShaker
This video details how to utilize PortShaker within SevOne.
Watch Now
Process
This video details how to utilize the Process poller in SevOne.
Watch Now
WMI
A brief how-to video showing how to enable and monitor devices with the WMI poller in SevOne.
Watch Now
Checking that SNMP is Working
A brief how-to video outlining how to determine if SNMP is working on your enabled devices.
Watch Now
IP SLA
A brief video showing how to run an IP SLA test using SevOne.
Watch Now
Metadata
A brief how to video showing how Metadata is integrated and used inside the SevOne system.
Watch Now
Monitoring Your Openstack Infrastructure
A brief video outlining SevOne’s OpenStack monitoring capabilities.
Watch Now

Flow

Is SevOne Receiving Flow Data?
This is how you can properly check your instance of SevOne to make sure that you are receiving Flow Data.
Watch Now
Monitoring Cisco AVC
See SevOne’s ability to monitor of Cisco AVC in action.
Watch Now

Need More Help?

Our forums are used by SevOne users and our support team alike. If you have a question that is not directly addressed by the SevOne NMS guide, check to see if others have already asked your question on our forums. Since content on our forums helps all of our users, you can expect a timely answer that taps a broad pool of talent.